package com.douyin.authority;

import com.douyin.constant.JwtClaimsConstant;
import com.douyin.properties.JwtProperties;
import com.douyin.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.HttpServletRequest;

import org.springframework.stereotype.Component;



@Component(value = "postMappingAuthorityVerify")
public class UnifyAuthorityVerify extends DefaultAuthorityVerify{
    @Override
    public Boolean authorityVerify(HttpServletRequest request, String... permissions) {

        try{
            JwtProperties jwtProperties = new JwtProperties();
            String token = request.getHeader(jwtProperties.getTokenName());
            // 获取当前用户权限
            Claims claims = JwtUtil.parseJWT(jwtProperties.getSecretKey(), token);
            Long uId = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString());
            for (String permission : permissions) {
                if (!AuthorityUtils.verify(uId, permission)) {
                    return false;
                }
            }
        }catch (Exception e){
            return false;
        }
        return true;
    }
}
